
The Lazarus Group, a collective of hackers affiliated with North Korea, continues its illegal activities by exploiting cryptocurrencies. Recently, a transaction of 400 ETH, or about $750,000, was identified on Tornado Cash, a platform known for anonymizing blockchain transactions. At the same time, the group launched a new malware campaign aimed at developers, confirming its evolution towards ever more sophisticated attacks.

Lazarus Group and Tornado Cash: an infernal duo for your crypto?
On March 13, 2024, the security firm CertiK detected this transaction in connection with Lazarus. The group, already responsible for several major crypto hacks, including Bybit ($1.4 billion in February) and Phemex (29 million in January), regularly uses services like THORChain to hide its funds. In five days, nearly $2.91 billion is reported to have passed through this decentralized protocol, making any attempted recovery extremely complex.
For several years, Lazarus has relied on various methods to evade the authorities, in particular by exploiting mixers like Tornado Cash. These services, although legitimate for preserving the confidentiality of crypto transactions, are often misused for criminal purposes.
An offensive targeting developers
Beyond money laundering, Lazarus has intensified its attacks on software developers. Six new pieces of malware were identified on the Node Package Manager (NPM) platform, an essential service for managing JavaScript libraries. Among them is the BeaverTail malware, which imitates popular libraries by slightly modifying their names, a technique called typosquatting.
This malware allows hackers to access sensitive data, including credentials stored in the Chrome, Brave and Firefox browsers, as well as Solana and Exodus wallets. Several cryptocurrencies have also been targeted by fake Zoom invitations, where hackers pretend to be crypto investors to encourage their victims to download infected files.
A growing risk for the crypto ecosystem
According to Chainalysis, North Korean hackers stole 1.3 billion dollars in 2024, more than double the previous year's total. This increase points to a persistent threat to the security of crypto assets.
The use of Tornado Cash and THORChain therefore underlines how difficult it is for the authorities to trace and block these funds. Faced with these repeated attacks, crypto developers and companies must strengthen their security measures to limit their exposure to cybercriminals.